xmlsecurity: add initial PDF sign UI

An unsigned PDF can be signed now, but the stream still gets truncated on closing the dialog. Change-Id: I12dd50bf577cd23b3355f6c6d03e71a9c0dbcfab

xmlsecurity: add initial PDF sign UI
An unsigned PDF can be signed now, but the stream still gets truncated on closing the dialog. Change-Id: I12dd50bf577cd23b3355f6c6d03e71a9c0dbcfab
e2b6ab0b · Miklos Vajna · 77e89962 · e2b6ab0b · e2b6ab0b · e2b6ab0b
Kaydet (Commit) e2b6ab0b authored Eki 20, 2016 tarafından Miklos Vajna
4 changed files
--- a/sfx2/source/doc/docfile.cxx
+++ b/sfx2/source/doc/docfile.cxx
@@ -3606,7 +3606,7 @@ bool SfxMedium::SignContents_Impl( bool bScriptingContent, const OUString& aODFV
                    else
                    {
                        // Something not based: e.g. PDF.
-                        SvStream* pStream = utl::UcbStreamHelper::CreateStream(GetName(), StreamMode::READ);
+                        SvStream* pStream = utl::UcbStreamHelper::CreateStream(GetName(), StreamMode::READ | StreamMode::WRITE);
                        uno::Reference<io::XStream> xStream(new utl::OStreamWrapper(*pStream));
                        if (xSigner->signDocumentContent(uno::Reference<embed::XStorage>(), xStream))
                            bChanges = true;

--- a/xmlsecurity/inc/pdfsignaturehelper.hxx
+++ b/xmlsecurity/inc/pdfsignaturehelper.hxx
@@ -29,11 +29,23 @@ class XMLSECURITY_DLLPUBLIC PDFSignatureHelper
    css::uno::Reference<css::xml::crypto::XXMLSecurityContext> m_xSecurityContext;
    SignatureInformations m_aSignatureInfos;

+    css::uno::Reference<css::security::XCertificate> m_xCertificate;
+    OUString m_aDescription;
+
 public:
    PDFSignatureHelper(const css::uno::Reference<css::uno::XComponentContext>& xComponentContext);
    bool ReadAndVerifySignature(const css::uno::Reference<css::io::XInputStream>& xInputStream);
    css::uno::Sequence<css::security::DocumentSignatureInformation> GetDocumentSignatureInformations() const;
    SignatureInformations GetSignatureInformations() const;
+
+    /// Return the ID of the next created signature.
+    sal_Int32 GetNewSecurityId() const;
+    /// Certificate to be used next time signing is performed.
+    void SetX509Certificate(const css::uno::Reference<css::security::XCertificate>& xCertificate);
+    /// Comment / reason to be used next time signing is performed.
+    void SetDescription(const OUString& rDescription);
+    /// Append a new signature at the end of xInputStream.
+    bool Sign(const css::uno::Reference<css::io::XInputStream>& xInputStream);
 };

 #endif // INCLUDED_XMLSECURITY_INC_PDFSIGNATUREHELPER_HXX

--- a/xmlsecurity/source/helper/documentsignaturemanager.cxx
+++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx
@@ -209,6 +209,21 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>&
        return false;
    }

+    if (!mxStore.is())
+    {
+        // Something not ZIP based, try PDF.
+        nSecurityId = getPDFSignatureHelper().GetNewSecurityId();
+        getPDFSignatureHelper().SetX509Certificate(xCert);
+        getPDFSignatureHelper().SetDescription(rDescription);
+        uno::Reference<io::XInputStream> xInputStream(mxSignatureStream, uno::UNO_QUERY);
+        if (!getPDFSignatureHelper().Sign(xInputStream))
+        {
+            SAL_WARN("xmlsecurity.helper", "PDFSignatureHelper::Sign() failed");
+            return false;
+        }
+        return true;
+    }
+
    maSignatureHelper.StartMission();

    nSecurityId = maSignatureHelper.GetNewSecurityId();

--- a/xmlsecurity/source/helper/pdfsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/pdfsignaturehelper.cxx
@@ -51,6 +51,8 @@ bool PDFSignatureHelper::ReadAndVerifySignature(const uno::Reference<io::XInputS
    if (aSignatures.empty())
        return true;

+    m_aSignatureInfos.clear();
+
    for (size_t i = 0; i < aSignatures.size(); ++i)
    {
        SignatureInformation aInfo(i);
@@ -104,4 +106,46 @@ uno::Sequence<security::DocumentSignatureInformation> PDFSignatureHelper::GetDoc
    return aRet;
 }

+sal_Int32 PDFSignatureHelper::GetNewSecurityId() const
+{
+    return m_aSignatureInfos.size();
+}
+
+void PDFSignatureHelper::SetX509Certificate(const uno::Reference<security::XCertificate>& xCertificate)
+{
+    m_xCertificate = xCertificate;
+}
+
+void PDFSignatureHelper::SetDescription(const OUString& rDescription)
+{
+    m_aDescription = rDescription;
+}
+
+bool PDFSignatureHelper::Sign(const uno::Reference<io::XInputStream>& xInputStream)
+{
+    std::unique_ptr<SvStream> pStream(utl::UcbStreamHelper::CreateStream(xInputStream, true));
+    xmlsecurity::pdfio::PDFDocument aDocument;
+    if (!aDocument.Read(*pStream))
+    {
+        SAL_WARN("xmlsecurity.helper", "failed to read the document");
+        return false;
+    }
+
+    if (!aDocument.Sign(m_xCertificate))
+    {
+        SAL_WARN("xmlsecurity.helper", "failed to sign");
+        return false;
+    }
+
+    uno::Reference<io::XStream> xStream(xInputStream, uno::UNO_QUERY);
+    std::unique_ptr<SvStream> pOutStream(utl::UcbStreamHelper::CreateStream(xStream, true));
+    if (!aDocument.Write(*pOutStream))
+    {
+        SAL_WARN("xmlsecurity.helper", "failed to write signed data");
+        return false;
+    }
+
+    return true;
+}
+
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */